General

  • Target

    file.exe

  • Size

    304KB

  • Sample

    221219-3vkkzabe3w

  • MD5

    e878e18561c00dae21d19f7ff5be4c90

  • SHA1

    977ae2a707f2ce816cbd23143c7c9ab508ca6e38

  • SHA256

    47c522cb4095eb62a6818d3bc2e8b53d018513ebe4dc8a08a9aaf50f1401f98a

  • SHA512

    e3281bd79f9eddda1105f61906443a5bd9fb6f4cc62387b2af5be8261fb077632a306e2ba595b8060bf2ad8e73848f24cfe95ef58a239339210f3f9158b35e0a

  • SSDEEP

    3072:zLz3nLH+GG2PMX5qvYzrpQDtFKEM0HpLyWo5sczXewuIXGABFN0Hcgy65/1E3ZJO:rXLdXMYeretyVOLaz0Hcp63QZImQKG0

Targets

    • Target

      file.exe

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Suspicious use of SetThreadContext
